Description
This change is to add authorization to the Livy to validate that the subject of the JWT matches the session owner or allowed users before doing any session operations. This is contributed in conjunction with [1].
[1] https://issues.apache.org/jira/browse/LIVY-552
I will put up a patch for this after LIVY-552 has been merged as it depends on some shared code.